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DETAILED ACTION 

Continued Examination Under 37 CFR 1.114 

A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1114. Applicant's submission filed on May 31, 
2007 has been entered. 

Claims 2, 3, 9, 10, 16, 17, and 18 are currently cancelled. 

Claims 1, 4, 5, 8, 11, 12, 15, and 19 are currently amended. 

Claims 1, 4-8, 11-15, and 19-20 are currently pending and herein considered. 

Response to Arguments 

Applicant's arguments and amendments filed May 31, 2007 with respect to the 
rejection(s) of claim(s) 1-20 under 35 USC 102(e) under Radia have been fully 
considered and are persuasive. Therefore, the rejection has been withdrawn. 
However, upon further consideration, a new ground(s) of rejection is made in view of 
United States Patent No. 6,098,172 to Coss et al. 
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Applicant's arguments and amendments filed May 31 , 2007 with respect to the 
rejection(s) of claim(s) 1-20 under 35 USC 112, 2 nd paragraph have been fully 
considered and are persuasive. Therefore, the rejection has been withdrawn. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claims 1, 4-8, 11-15, and 19-20 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Coss et al., United States Patent 6,098,172, hereinafter referred to 
as Coss. 

As per claim 1, Coss discloses a method for presorting a plurality of rules for 
filtering a packet in network, the method comprising the steps of: 

selecting a characteristic for sorting the plurality of rules, wherein said 
characteristic is at least one of a source address and a destination address (col.1 line 
63 thru col.2 line 4, col.4 lines 17-33); 

associating each rule with at least one of a plurality of values for said 
characteristic (col.4 lines 17-33); 
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presorting at a network security filter the plurality of rules according to each value 
for said characteristic ("firewall") (col.1 lines 6-8 and 59-67); 

receiving the packet at the network security filter ("firewall") (col.1 lines 6-8 and 
59-67); 

analyzing information in the packet to retrieve from the received packet one of 
said values (col. 9 lines 1-33); 

selecting at least one of the presorted plurality of rules according to said one 
value retrieved from the received packet, wherein the selected rule is associated with 
said one value (col. 9 lines 1-33); and 

applying said selected rule to the received packet, such that the received packet 
is permitted to enter the network or alternatively is dropped in accordance with the 
selected rule (col.1 line 59 thru col.2 line 4, col.4 lines 40-50). 

As per claim 4, Coss discloses wherein said characteristic is a combination of 
said source address of the packet and said destination address of the packet (col.2 
lines 1-4, col.4 lines 17-33). 

As per claim 5, Coss discloses wherein a user is associated with each value 
such that said associating each rule with at least one value for said characteristic further 
comprise assigning at least one privilege to a user and determining whether to 
associate each rule with said value of said characteristic according to said at least one 
privilege (col.1 lines 63-67, col.2 lines 38-41, col. 8 lines 3-35). 
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As per claim 6, Coss discloses wherein said assigning at least one privilege to 
said user further comprises determining a user profile of associated rules according to 
said at least one privilege (coL1 lines 63-67, coL2 lines 38-41, col. 8 lines 3-35). 

As per claim 7, Coss discloses associating a user profile with a group profile, 
such that a plurality of values for said characteristic is associated with said associated 
rules of said group profile (col. 2 lines 38-42). 

As per claim 8, Coss discloses an apparatus for presorting a plurality of rules for 
filtering a packet in network, wherein a characteristic for sorting the plurality of rules is at 
least one of a source address and a destination address (col.1 line 63 thru col. 2 line 4), 
said characteristic has a plurality of possible values, and each rule is associated with at 
least one value for said characteristic, the apparatus comprising: 

a software module for performing the operations of: 

presorting at a network security filterffirewall") (col.1 lines 6-8 and 59-67) the 
plurality of rules according to each value for said characteristic (col.1 line 63 thru col. 2 
line 4); 

analyzing information in the packet received at the network security filter 
("firewall") to retrieve from the packet a value for said characteristic (col. 9 lines 1-33); 
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selecting at least one of the presorted plurality of rules according to said value 
retrieved from the packet wherein the selected rule is associated with said value (col.1 
line 59 thru col. 2 line 4, col.4 lines 40-50); and 

applying said selected rule to the packet, such that the packet is permitted to 
enter the network or alternatively is dropped in accordance with selected rule (col.1 line 
59 thru col.2 line 4, col.4 lines 40-50). 

As per claim 11, Coss discloses wherein said characteristic is a combination of 
said source address of the packet and said destination address of the packet (col.2 
lines 1-4, col.4 lines 17-33). 

As per claim 12, Coss discloses wherein a user is associated with each value of 
said characteristic such that the software module further performs the operations of 

assigning at least one privilege to a user and determining whether to associate 
each rule with said value according to said at least one privilege (col.1 lines 63-67, col.2 
lines 38-41, col.8 lines 3-35). 

As per claim 13, Coss discloses wherein said assigning at least one privilege to 
said user further comprises determining a user profile of associated rules according to 
said at least one privilege (col.1 lines 63-67, col.2 lines 38-41, col.8 lines 3-35). 



Application/Control Number: 10/088,399 Page 7 

Art Unit: 2137 

As per claim 14, Coss discloses associating a user profile with a group profile, 
such that a plurality of values for said characteristic is associated with said associated 
rules of said group profile (col. 2 lines 38-42). 

As per claim 15, Coss discloses a computer program product comprising 

a computer usable medium having computer readable code embodied therein for 
presorting a plurality of rules for filtering a packet received at a network security filter, 
the computer program product comprising computer readable program code for 
performing the operations of: 

selecting a characteristic for sorting the plurality of rules, said characteristic has a 
plurality of possible values, wherein said characteristic is at least one of a source 
address and a destination address (col.1 line 63 thru col.2 line 4); 

associating each rule with at least one value for said characteristic (col.4 lines 
17-33), 

presorting at a network security filter ("firewall") (col.1 lines 6-8 and 59-67) the 
plurality of rules according to each value for said characteristic; 



Application/Control Number: 10/088,399 Page 8 

Art Unit: 2137 

analyzing information in the packet received at a network security filter to retrieve 
said value from the packet and selecting at least one of the presorted plurality of rules 
according to said value retrieved from the packet wherein the selected rule is 
associated with said value (col. 9 lines 1-33); and 

applying said selected rule to the received packet, such that the received packet 
is permitted to enter the network or alternatively is dropped in accordance with said 
selected rule (col.1 line 59 thru col.2 line 4, col.4 lines 40-50). 

As per claim 19, Coss discloses wherein said characteristic is a combination of 
the source address of the packet and the destination address of the packet (col.1 line 
63 thru col.2 line 4, col.4 lines 1 7-33). 

As per claim 20, Coss discloses wherein a user is associated with each value of 
said characteristic such that said computer readable program code further comprises 
the operations of assigning at least one privilege to a user and determining whether to 
associate each rule with said value of said characteristic according to said at least one 
privilege (col.1 lines 63-67, col.2 lines 38-41 , col. 8 lines 3-35). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tamara Teslovich whose telephone number is (571) 
272-4241. The examiner can normally be reached on Mon-Fri 8-4:30. 



Application/Control Number: 10/088,399 



Page 9 



Art Unit: 2137 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, oaTt\800-786-9199 (IN USA OR CANADA) or 571-272-1000. 






